Quizzes on Facebook and other social media are very popular, but they can be exploited by identity thieves. A good example of this was the “10 Concerts, but there is one act that I haven’t seen live. Which is it?” Facebook quiz. While this may appear harmless, the information you provide may tell more about you than is safe to make public. It may provide information about your approximate age and preferences in music which can then be used by a scammer to send you a spear phishing email tailored to appeal to your particular interests that you may trust and click on a link contained in the email that contains either keystroke logging malware that can be used to steal your identity or ransomware.
Quizzes that ask about your favorite place to live or favorite movie characters may seem like simple fun, but may have been posted by an identity thief seeking to gather information the identity thief can use to make you a victim of identity theft. In addition, providing this type of personal information can help an identity thief determine your passwords or the answers to security questions that would enable the identity thief to change your passwords. Particularly problematic is when a pop up appears when you start the quiz requiring you to agree to allow a third-party application access to your Facebook profile. If you agree to this, you are permitting the quiz poster to gain access to your Facebook profile information, your location and much more. Don’t do it.
Last year, Louisiana Attorney General Jeff Landry issued a warning about social media quizzes and surveys. According to Landry, “Online surveys and quizzes may seem harmless enough, but the truth is they can expose you to hackers and scammers. It is difficult to tell which are innocent fun and which are coves for bad actors trying to steal your identity or worse.”
We all tend to put too much personal information on social media that can be exploited by scammers and identity thieves to our detriment. My advice is to avoid the problem entirely and not play these online games. However, if you, as many people do, find these quizzes and games to be fun to play, you may want to just adjust your privacy setting to “friends only” so that you limit who gets to see your answers. While you are at it, you also may want to check out your Facebook profile and remove personal information such as your phone number or home address.
Be particularly aware not to provide information that can answer common security questions, such as your mother’s maiden name, the name of your first pet, your childhood street address, your favorite food or the name of the elementary school you attended. A good practice when it comes to security questions is to use a nonsensical answer when you provide an answer when setting up your security question. Thus, the answer to the security question as to the name of your first pet can be “stapler.” This is so silly you will remember it and no hacker will ever be able to guess it from social media posts or quiz answers.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/